Russian cyber attacks have increased by 300% in NATO countries in 2022 compared to 2020, and by 250% in Ukraine, according to a Google report which confirms the growing importance of this weapon in future conflicts.
“Cyber operations by Russian government-backed attackers ramped up through 2021, ahead of Russia’s” invasion of Ukraine on February 24, 2022, notes the report from cybersecurity firm Mandiant, recently acquired by Google. Cloud to integrate the American giant’s Threat Analysis Group (TAG).
“In 2022, Russia increased targeting of users in Ukraine by 250% compared to 2020. Targeting of users from NATO countries increased by more than 300% during the same period,” he said. he. “It is clear that cyber will now play an integrated role in future armed conflicts, in support of traditional forms of warfare.”
Hacked sites, information warfare, sabotage of critical infrastructures, espionage: the whole cyber panoply has been used by both sides in the war in Ukraine, without being very visible or, for the time being it seems, weighing decisively in combat.
Pro-Moscow hackers “have used destructive malware to disrupt and degrade Ukraine’s military and government capabilities,” Mandiant writes, also describing attacks on civilian infrastructure to undermine Ukrainians’ trust in national facilities.
“We observed more destructive cyberattacks in Ukraine during the first four months of 2022 than in the previous eight years,” the report noted.
Mandiant points out, like others before him, how much these operations mix the plundering of data, the destruction and the contribution to operations of influence, including to support the actions and the reputation of the Russian paramilitary group Wagner.
And he underlines how the world map of actors, often very concerned about financial gain, is being redrawn by the Ukrainian conflict and the geopolitical movements that have resulted from it.
“The war has caused attackers backed by the Chinese government to turn their interest to Ukrainian, Western and European targets for information on the conflict,” the document notes.
Furthermore, the entire Eastern European cyber galaxy has shifted. “The lines are blurring between attackers motivated by financial inflows and those backed by governments in Eastern Europe,” Mandiant notes.
“Threatening actors change targets to align with regional geopolitical interests,” he adds, noting that some groups had disappeared and others had lost prominent figures, no doubt under the weight of disagreements over the strategies to follow.